| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of building the initrds for the mkosi images with dracut,
let's switch to using mkosi presets to build the initrd with mkosi
as well.
This commit splits up our single image build into three separate
mkosi presets:
1. The "base" preset. This image contains systemd and all its runtime
dependencies. The sole purpose of this image is to serve as a base image
for the initrd and the final image. It's also responsible for building
systemd from source with the build script. The results are installed into
the base image. Note that we install the systemd and udev packages into this
image as well to prevent package managers from overriding the systemd we built
from source with the distro packaged systemd if it's pulled in as a dependency
by another package from the initrd or final profiles.
2. The "initrd" preset. This image provides the initrd. It's trivial and does
nothing more than packaging the base image up as a zstd compressed initramfs and
adds /init and /etc/initrd-release symlinks to the image.
3. The "final" preset. This image builds on top of the base image and adds
a kernel and extra packages that are useful for testing and debugging.
We also split out the optional kernel build into a separate set of config files
that are only included if a kernel to build is actually provided.
Note that this commit doesn't really change anything about how mkosi is used.
The commands remain the same, except that mkosi will now build all the presets
in order. "mkosi summary" will show the summary of all the presets. "mkosi qemu,
boot, shell" will always boot the final preset. With "-f", all presets will be
built and the final one is booted. "-i" makes a cache of each preset.
The only thing to keep in mind is that specifying config via the mkosi CLI will
apply to each of the presets. e.g. any extra packages added with "-p" will be
installed in both the initrd and the final image. To apply local configuration
to a single preset, create a file 00-local.conf in
mkosi.presets/<profile>/mkosi.conf.d and put all the preset specific configuration
in there.
|
| |
|
|
|
| |
If we build a kernel from source, let's make sure it's always booted
by giving it a very high version number.
|
| |
|
|
|
| |
Let's override the default timeout to something more reasonable for
mkosi builds.
|
| |
|
|
|
|
|
| |
This drops all mentions of gnu-efi and its manual build machinery. A
future commit will bring bootloader builds back. A new bootloader meson
option is now used to control whether to build sd-boot and its userspace
tooling.
|
| | |
|
| |
|
|
|
|
| |
Let's move stuff that only applies to the final image to the
postinst script. Let's also move out some of the static files to
mkosi.extra/ instead of hardcoding them in scripts.
|
| |
|
|
|
| |
A "disable *" preset is already shipped on debian so no need to add
one ourselves.
|
| |
|
|
|
| |
mkosi scripts are shell scripts and for shell scripts we use 4 space
indentation.
|
| |
|
|
|
| |
mkosi will always run all commands with the C.UTF-8 locale so we
don't need a workaround in the build script anymore.
|
| |
|
|
|
| |
Build scripts will always run in an environment with /etc/ available
now, so we don't need this workaround anymore.
|
| |
|
|
|
|
|
| |
Debian/Ubuntu use /usr/lib/<triplet> instead of /usr/lib64, so configure it
accordingly. This is especially important for cryptsetup token plugins,
as cryptsetup comes from the distro and is configured to look into those
directories.
|
| |
|
|
|
| |
The selftests automatically pick up the headers from the kernel
build directory so we don't have to install them to /usr ourselves.
|
| |
|
|
|
|
|
|
|
| |
Let's make sure we're testing unprivileged builds properly. Usage
of SourceFileTransfer= and SourceFileTransferFinal= are removed as
they were dropped by mkosi. SourceFileTransfer=mount is now the
default in mkosi so behavior for the build script is unchanged. We
stop copying sources in the final image until mkosi adds support
for virtiofs.
|
| |
|
|
|
| |
Now that jammy is the latest LTS, lets drop the focal workaround
from the build script.
|
| |
|
|
|
|
| |
When unprivileged mkosi becomes available, builds will be executed
as an unprivileged user, so we won't be able to modify the rootfs
anymore. Let's update the build script to account for this.
|
| | |
|
| |
|
|
|
|
|
| |
We also add the necessary deps for ukify to the mkosi configs.
CentOS Stream 8 is dropped from CI because its python version is too
old (3.6) to be able to run ukify.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of relying on the arch specific kconfigs that enable all
kinds of options that are irrelevant for our use case, let's beef
up our own config a little so that we don't need to rely on the
arch specific configs anymore.
Also, instead of using scripts/config to enable options in the
mkosi build script, let's add a new kernel.config file that includes
all the configs we want enabled/disabled.
Finally, let's make sure we can properly run the bpf selftests by
making sure we enable all the right configs required to run the bpf
selftests successfully. We use the scripts/kconfig/merge_config.sh
script to merge the three different config files together.
|
| |\
| |
| | |
Skip mkosi runs on docs-only changes and some small cleanups
|
| | | |
|
| |/
|
|
| |
Also note them in the mkosi.build kernel config list
|
| | |
|
| | |
|
| |
|
|
|
| |
This got changed by mistake by #24511. Since we still support the
same libbpf version, we can keep this enabled everywhere.
|
| |\
| |
| | |
mkosi: Optionally build a kernel image from mkosi.kernel/
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If mkosi.kernel/ exists, the mkosi script will try to build a kernel
image from it. We use the architecture defconfig as a base and add
our own extra configuration on top.
We also add some extra tooling to the build image required to build
the kernel and include some documentation in HACKING.md on how to
use this new feature.
To avoid the kernel sources from being copied into the build or
final image (which we don't want because it takes a while), we put
the mkosi.kernel/ directory in .gitignore and use
"SourceFileTransfer=mount" so that the sources are still accessible
in the build image.
|
| |/
|
|
|
|
|
|
| |
We already depend on the skeleton APIs introduced in libbpf 0.7 so
let's bump our minimum version to reflect that.
We don't enforce bpf compilation on mkosi anymore since not all
distros have sufficiently up-to-date libbpf available.
|
| | |
|
| |
|
|
|
| |
It disappeared again from SUSE Tumbleweed. Just use sysusers since we
just built it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Explicitly enable all features/components in the mkosi build to
ensure they all get built and we get an error if they can't be built.
We also rework the packages sections of all mkosi configs to reduce
duplication and cover all the dependencies necessary to build/use all
systemd features.
Note that for the final image, since systemd is installed by default
in base images, we rely on that to install the base library dependencies
and we only list extra optional dependencies and tools that aren't already
installed by default into the base image.
We also drop the centos stream 8 mkosi build as dependencies on that
distro are too out-of-date to be able to build all systemd features.
Since centos stream 9 has been out for a while, let's focus on that
and leave it to downstream to keep systemd building on centos stream 8.
Finally, there's a few additions to the mkosi scripts to make sure
services don't start by default on boot.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Extra memory because ASAN needs it
- The environment variables to make the sanitizers more useful
- LD_PRELOAD because the ASAN DSO needs to be the first in the list
- The sanitizer library packages
- Disable syscall filters because they interfere with ASAN
- Disable systemd-hwdb-update because it's super slow when systemd-hwdb
is built with sanitizers
- Take the value for meson's b_sanitize option from the SANITIZERS
environment variable
|
| | |
|
| | |
|
| |
|
|
|
| |
This should, hopefully, catch issues like systemd/systemd#21671
automagically.
|
| |
|
|
|
| |
This allows us to reuse bootctl install instead of replicating the
logic in the build script.
|
| |
|
|
|
| |
Those are all "our" files, but we forgot to add the headers,
most likely because of non-standard file extensions.
|
| |
|
|
|
| |
A fix for this landed in meson 3 years ago so the workaround in the
build script can now be removed (https://github.com/mesonbuild/meson/pull/3225).
|
| |
|
|
|
| |
Also remove the space after redirection operators. (Some redirections
were with, some without, and I think it's nicer without.)
|
| |
|
|
|
|
| |
The comments were outdated: at least "nfsnobody" is not used in Fedora since a
few years. So I hope we don't need this anymore. The meson build scripts do
autodetection on their own.
|
| |
|
|
|
|
|
| |
build
If it's passed into the build, use it, so that the mkosi build version
is propagated into the image itself.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
populated /etc
On Fedora /usr/bin/ld is a symlink managed via the "alternatives"
system. This unfortunately means the binary is not usable in
environments where /var or /etc are unpopulated. Let's address this by
redirecting "ld" to "ld.bfd" manually if such an environment is
detected, via $PATH.
This is useful for building systemd in mkosi with UsrOnly=1 set.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
project dir
Until now, update-man-rules assumed that the build directory was
a subdirectory of the project directory. When using mkosi, this is
not the case. We use find instead of git ls-files because git ls-files
does not seem to support outputting absolute paths.
Also, this makes update-man-rules a bit more user-friendly as new manpages
don't have to be added to the git staging area before they are processed by
update-man-rules.py.
|
| |
|
|
|
|
| |
mkosi recently gained support to pass arguments to the build script.
Let's take advantage of this in systemd's build script to allow
passing which target to build to ninja in the build script.
|
| |
|
|
|
|
|
|
| |
With https://github.com/systemd/mkosi/pull/630, we can set environment
variables for the build script in mkosi. Let's modify the build script
so we can set the version-tag option via an environment variable of the
same name. The default is the empty string which causes meson to fall
back to the default behavior (git version).
|
| |
|
|
|
|
| |
If $SRCDIR is mounted into the build image (via mkosi overrides),
let's not reset the permissions fo the source tree so as to not
modify the original files on the host.
|
| |
|
|
|
| |
Speeds up incremental builds by half a second. Let's assume translations
won't be necessary in the resulting test images.
|
| | |
|
